helping people break out of pigeonholes since 2003

Power to the Persons redux

I believe that VRM starts with you being able to take charge of your data – data that you want to capture, analyse and otherwise harness, both for fun or for usefulness.

At the moment you are the last person to be able to benefit from your data on various platforms and from your ‘digital detritus’ – information that others harvest and use for their own purposes. A site with tools like wesabe may give you the ability to gather and analyse some of your financial data, but you’ll need new tools – free from platform lock-ins – to repeat that trick with data regarding anything else about which you care and need.

Obviously, to make the most of your new-found data autonomy, you will also need to be able to communicate, share and transact that data with others, individuals and vendors.

So there are two foundation stones for the VRM vision as described above:

the place where you store, manage and play with your data (working name: u-spot)

the methods (protocols, standards, etc) for sharing, exchanging and distributing that information, if you so wish.

Having had many discussions on this matter I wanted to share some of the ideas they generated. With Alec’s technical expertise and support we were able to articulate a vision of how people could interact with vendors in a VRM manner using existing online technology – a white paper was born, rivetingly named “Feeds-Based VRM”: A Web-Centric Approach to VRM Implementation

The goals for this paper were to:

invent as little as possible

reuse only popular technologies, techniques and user-interface metaphors in order to enable VRM, and…

provide maximal inclusiveness and extensibility to the VRM implementation, to permit the greatest potential for growth.

…and within these simple constraints we have proposed a simple, inexpensive, viable path for VRM u-spot implementation and information sharing, using familiar technologies such as blogs, feeds, ATOM, and RSS.

Technical outline: the feeds-based VRM concept is for you to be able to manage, manipulate and share information – e.g. hotels you have visited, flights you have taken, wines you have enjoyed – using a pluggable web-based software platform similar to Wordpress or Movable Type; however unlike those tools which deal with free-form blog posts, instead your data is be stored as objects (encoded in pertinent open-standards formats) which are then “shared” via secure, self-referential, closed and authenticated ATOM or RSS feeds that can be read, aggregated or further processed by “subscribers” whom you authorize via your “friends list”.

The effect is: your data is held in one place and is authoritative. Your subscribers can see it. When you change it, your subscribers will see the changes.

No longer will you need to tell people when you change your address. They’ll already know.

Notes:Many thanks to Ben and Kevin for helpful comments. This is a contribution to an open source project to develop a web-centric VRM infrastructure.The title reference is to the original post Power to the Persons!

[...] A little project that I am helping out with in my spare time, creating a new way for people to share information with companies, vendors and friends but shorn of all the federated-knowledge-based-identity-crypto-bullshit. Power to the Persons redux [...]

In the ‘what’ section of your Blog you talk about preferring to work with a PR Company: “…that doesn’t mind examining what they do from first principles”. The next paragraph is entitled “a tangled web we weave”… ~ The clues to why your draft white paper on “Feeds-Based VRM” is so tangled is that, at its premise, it is, as it acknowledges, “A Web-Centric Approach to VRM Implementation”. That’s like, trying to organize a ‘committee-approach-solution’ to the problems created by the world’s biggest committee, or putting Bill Gates in charge of software innovation, or trying to solve Police Corruption from within the Police Department.

The medium is not the message… the medium is the mess. To solve this puzzle you have to be Alice and go through the looking glass. ‘The Web’ is the playing field sure, you can’t avoid that, but “The Web” is in fact the problem.

Point of order: The Web, is not the internet! The Internet is 40+ years old. The web is less that 20. The Web is an overlay on the internet, and like a religion, people subscribe to the myth, believe, and don’t see it clearly.

Enough discussion in the public domain. If you would like to discuss it from “first principles” I’d be happy to do that.

““A Web-Centric Approach to VRM Implementation”. That’s like, trying to organize a ‘committee-approach-solution’ to the problems created by the world’s biggest committee, or putting Bill Gates in charge of software innovation, or trying to solve Police Corruption from within the Police Department.”

…I can’t shake the feeling that you haven’t really read the paper- although I am obviously biased by dint of being one of the authors.

Perhaps you can explain what precisely is problematic about using the models provided by the extremely popular tools of the day – blogging, feeds, etc – to enhance one’s ability to manage data pertinent to one’s self, and to share that with whomever you care?

You speak luddishly of the medium – the web – being the “mess”; perhaps you would prefer to found a new Year Zero and have us beat our hard drives into ploughshares?

Spoken with anticipated pluck! Adriana, I did not mean to cause offense, just perhaps to provoke a strong reaction to stimulate a healthy debate. ~ OK time to quote the great Alfred Korzybski, in what is I think one of the most insightful aphorisms of the twentieth century: “The map is not the territory”… and the Web is absolutely not the Internet.

No need to go back to primitive implements, rather lets go in the other direction. i.e Why try to negotiate answers and solutions in a cluttered, chaotic mostly lawless environment that more resembles a scene from Blade Runner, where the consumer has long since been disenfranchised.

Most people may have swallowed the Web’s plutocratic rules of engagement hook-line-and-sinker. But I beg to suggest that playing by its rules is not the way to go.

The difficulty with MINE is that it comes in all sorts of shapes and sizes through different software and it could be consumed in lots of different ways. (BTW Dublin Core could be handy here as an adjunct).

VRM would facilitate the sharing of ME and MINE and this is what differentiates this from copyright/rights management etc. VRM would allow me to proactively choose, control and track who consumes ME and MINE real time using Web 2.0 technology

First: I’m not Adriana. I am a 39 year old geek who has been on the internet since 1987-ish and have debugged TCP stacks for fun on occasion, so I am well aware that The Web != The Internet.

You ask:

>Why try to negotiate answers and solutions in a cluttered, chaotic mostly lawless environment [...] where the consumer has long since been disenfranchised.

…and I reject the proposition, let alone the question; the Net does not disenfranchise people; perhaps a generation of baby boomers are worried what their tearaway kids are doing, poking cellphone buttons rather than smoking pot and enjoying free-love, but as for the net being a cluttered, chaotic, mostly lawless environment? I would opine that humans are well adapted to live in such conditions and manage relationships and communications in them.

As for “playing by the rules” – I should ask, “what rules?” – you just suggested the web is lawless, and now you are saying it’s not?

Firstly, Mr. Muffet, I am not a “troll” – I take it that was intended as an insult. You’re a smart guy, so that was quite unnecessary, but does vector you somewhat. ~ But back to the discussion. In your first paragraph above, you say: “…so I am well aware that The Web != The Internet.”

Just let me understand you perfectly… are you saying that the Web does = the Internet? Let’s clear that one up first. Because, you go on to talk of “The Net” and whether or not any disenfranchisement is occurring.

If you are grouping the Internet, and the Web together simply as “The Net”, then it will be difficult to discuss the differences between (for instance) the traditional client-server approach vs newer more distributed and decentralized processes.

You’ve worked at Sun, you have worked with Grid-Computing, you know the different systems… Or is it all just a minestrone to you, in which (I read your bio) cracking people’s passwords, and then disseminating that knowledge on USENET is somehow cool, and something to be proud of?

[...] a URL of an anonymised calendar so that they could pick their delivery times and modes à la feeds-based VRM — on the days when I work from home, I’d be happy to accept packages, for example. [...]

If you are a member of Plaxo and connected to me you can tell immediately when I change my addresses. This publish and hold system might work but how do you keep your rss feed url secret. How do you control who subscribes? can you set up a openid login and white list to this portion on your publish and hold blog?

The adblocking revolution is months away (with iOS 9) – with trouble for advertisers, publishers and Google | The Overspill: when there’s more that I want to say “discussion of this post on Hacker [...] […]

Contact us – Simply Secure Contact us To join the conversation about usable security, follow us on Twitter (@simplysecureorg) or join us on Slack (email slack@simplysecure.org Posted from Diigo. The rest of my favorite links are here. […]